Vulnerability-Lookup

CVE-2020-6302 (GCVE-0-2020-6302)

Vulnerability from cvelistv5 – Published: 2020-09-09 12:52 – Updated: 2024-08-04 08:55

Summary

SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-384 - (Session Fixation)

Assigner

sap

References

URL

	Vendor	Product	Version
	SAP SE	SAP Commerce	Affected: < 6.7 Affected: < 1808 Affected: < 1811 Affected: < 1905 Affected: < 2005

GHSA-M697-R4GM-82F3

Vulnerability from github – Published: 2022-05-24 17:27 – Updated: 2022-05-24 17:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-6302"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-09-09T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.",
  "id": "GHSA-m697-r4gm-82f3",
  "modified": "2022-05-24T17:27:43Z",
  "published": "2022-05-24T17:27:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6302"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/2934451"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CNVD-2020-65569

Vulnerability from cnvd - Published: 2020-11-23

Title

SAP Commerce存在未明漏洞（CNVD-2020-65569）

Description

SAP Commerce是德国思爱普（SAP）公司的一套基于云的电子商务平台。该产支持销售管理、营销管理、订单管理和运营管理等。 SAP Commerce 6.7、1808、1811、1905和2005版本存在安全漏洞，攻击者可利用该漏洞访问admin用户帐户。

Severity

高

Patch Name

SAP Commerce存在未明漏洞（CNVD-2020-65569）的补丁

Patch Description

SAP Commerce是德国思爱普（SAP）公司的一套基于云的电子商务平台。该产支持销售管理、营销管理、订单管理和运营管理等。 SAP Commerce 6.7、1808、1811、1905和2005版本存在安全漏洞，攻击者可利用该漏洞访问admin用户帐户。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页：https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700

Reference

https://launchpad.support.sap.com/#/notes/2934451

Impacted products

Name
['SAP SAP Commerce 1808', 'SAP SAP Commerce 1811', 'SAP SAP Commerce 1905', 'SAP SAP Commerce 2005', 'SAP SAP Commerce 6.7']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-6302",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-6302"
    }
  },
  "description": "SAP Commerce\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u4e91\u7684\u7535\u5b50\u5546\u52a1\u5e73\u53f0\u3002\u8be5\u4ea7\u652f\u6301\u9500\u552e\u7ba1\u7406\u3001\u8425\u9500\u7ba1\u7406\u3001\u8ba2\u5355\u7ba1\u7406\u548c\u8fd0\u8425\u7ba1\u7406\u7b49\u3002\n\nSAP Commerce 6.7\u30011808\u30011811\u30011905\u548c2005\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95eeadmin\u7528\u6237\u5e10\u6237\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1ahttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-65569",
  "openTime": "2020-11-23",
  "patchDescription": "SAP Commerce\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u4e91\u7684\u7535\u5b50\u5546\u52a1\u5e73\u53f0\u3002\u8be5\u4ea7\u652f\u6301\u9500\u552e\u7ba1\u7406\u3001\u8425\u9500\u7ba1\u7406\u3001\u8ba2\u5355\u7ba1\u7406\u548c\u8fd0\u8425\u7ba1\u7406\u7b49\u3002\r\n\r\nSAP Commerce 6.7\u30011808\u30011811\u30011905\u548c2005\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95eeadmin\u7528\u6237\u5e10\u6237\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SAP Commerce\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-65569\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SAP SAP Commerce 1808",
      "SAP SAP Commerce 1811",
      "SAP SAP Commerce 1905",
      "SAP SAP Commerce 2005",
      "SAP SAP Commerce 6.7"
    ]
  },
  "referenceLink": "https://launchpad.support.sap.com/#/notes/2934451",
  "serverity": "\u9ad8",
  "submitTime": "2020-09-14",
  "title": "SAP Commerce\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-65569\uff09"
}

FKIE_CVE-2020-6302

Vulnerability from fkie_nvd - Published: 2020-09-09 13:15 - Updated: 2024-11-21 05:35

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cna@sap.com	https://launchpad.support.sap.com/#/notes/2934451	Permissions Required
cna@sap.com	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://launchpad.support.sap.com/#/notes/2934451	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700	Vendor Advisory

Impacted products

Vendor	Product	Version
sap	commerce	6.7
sap	commerce	1808
sap	commerce	1811
sap	commerce	1905
sap	commerce	2005

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:commerce:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "20B6F0DE-3989-47FD-97F0-2F52245D57A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:commerce:1808:*:*:*:*:*:*:*",
              "matchCriteriaId": "F352D085-2B1E-44A9-81C6-2E1F5C249AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:commerce:1811:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A12336-30BA-439D-A3F2-B7D93D5B52DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:commerce:1905:*:*:*:*:*:*:*",
              "matchCriteriaId": "F665F648-5C35-4EC8-8064-8ED139C8813C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:commerce:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "C788164A-7724-4CB1-8ADC-B05ADE595020",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application."
    },
    {
      "lang": "es",
      "value": "SAP Commerce versiones 6.7, 1808, 1811, 1905, 2005, contienen el ID de jSession en la URL backoffice cuando la aplicaci\u00f3n es cargada inicialmente.\u0026#xa0;Un atacante puede obtener este ID de sesi\u00f3n por medio de la navegaci\u00f3n de hombro o un ataque de tipo man in the middle y, posteriormente, obtener acceso a las cuentas de usuario de administrador, conllevando a una Fijaci\u00f3n de Sesi\u00f3n y al compromiso total de la confidencialidad, integridad y disponibilidad de la aplicaci\u00f3n."
    }
  ],
  "id": "CVE-2020-6302",
  "lastModified": "2024-11-21T05:35:28.123",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.5,
        "impactScore": 5.9,
        "source": "cna@sap.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-09T13:15:11.627",
  "references": [
    {
      "source": "cna@sap.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/2934451"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/2934451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
    }
  ],
  "sourceIdentifier": "cna@sap.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-384"
        }
      ],
      "source": "cna@sap.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2020-AVI-549

Vulnerability from certfr_avis - Published: 2020-09-08 - Updated: 2020-09-08

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SAP	N/A	SAPUI5 (UI_700) version 200
SAP	N/A	SAP Marketing (Mobile Channel Servlet) versions 130, 140 et 150
SAP	N/A	SAP Netweaver AS ABAP versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753 et 754
SAP	N/A	SAP Adaptive Server Enterprise versions 15.7 et 16.0
SAP	N/A	SAPFiori (Launchpad) versions 750, 752, 753, 754 et 755
SAP	N/A	SAP NetWeaver AS ABAP (BSP Test Application) versions 700,701,702,730,731,740,750,751,752,753,754 et 755
SAP	N/A	S/4HANA FIN PROD SUBLDGR version 100
SAP	N/A	SAPUI5 (SAP_UI) versions 750, 751, 752, 753, 754 et 755
SAP	N/A	SAP NetWeaver (Knowledge Management) versions 7.30,7.31,7.40 et 7.50
SAP	N/A	SAP Business Client version 6.5
SAP	N/A	SAP 3D Visual Enterprise Viewer version 9
SAP	N/A	SAP Business Objects Business Intelligence Platform (BI Workspace) versions 4.1 et 4.2
SAP	N/A	SAPUI5 (UISAPUI5_JAVA) version 7.50
SAP	N/A	SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755
SAP	N/A	SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753 et 755
SAP	SAP NetWeaver AS Java	SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE) versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	SAP NetWeaver AS Java	SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS) versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP Solution Manager (User Experience Monitoring) version 7.2
SAP	N/A	SAP Commerce versions 6.7, 1808, 1811, 1905 et 2005
SAP	N/A	BANKING SERVICES FROM SAP 9.0 (Bank Analyzer) version 500

References

Title

Publication Time

Tags

Bulletin de sécurité SAP du 08 septembre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SAPUI5 (UI_700) version 200",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Marketing (Mobile Channel Servlet) versions 130, 140 et 150",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Netweaver AS ABAP versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753 et 754",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Adaptive Server Enterprise versions 15.7 et 16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAPFiori (Launchpad) versions 750, 752, 753, 754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver AS ABAP (BSP Test Application) versions 700,701,702,730,731,740,750,751,752,753,754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "S/4HANA FIN PROD SUBLDGR version 100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAPUI5 (SAP_UI) versions 750, 751, 752, 753, 754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver (Knowledge Management) versions 7.30,7.31,7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Business Client version 6.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP 3D Visual Enterprise Viewer version 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Business Objects Business Intelligence Platform (BI Workspace) versions 4.1 et 4.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAPUI5 (UISAPUI5_JAVA) version 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver (ABAP Server) et ABAP Platform versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE) versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "SAP NetWeaver AS Java",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS) versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "SAP NetWeaver AS Java",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Solution Manager (User Experience Monitoring) version 7.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Commerce versions 6.7, 1808, 1811, 1905 et 2005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "BANKING SERVICES FROM SAP 9.0 (Bank Analyzer) version 500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-6328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6328"
    },
    {
      "name": "CVE-2020-6282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6282"
    },
    {
      "name": "CVE-2020-6334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6334"
    },
    {
      "name": "CVE-2020-6351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6351"
    },
    {
      "name": "CVE-2020-6296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6296"
    },
    {
      "name": "CVE-2020-6349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6349"
    },
    {
      "name": "CVE-2020-6359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6359"
    },
    {
      "name": "CVE-2020-6341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6341"
    },
    {
      "name": "CVE-2020-6338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6338"
    },
    {
      "name": "CVE-2020-6207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6207"
    },
    {
      "name": "CVE-2020-6283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6283"
    },
    {
      "name": "CVE-2020-6343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6343"
    },
    {
      "name": "CVE-2020-6335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6335"
    },
    {
      "name": "CVE-2020-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6329"
    },
    {
      "name": "CVE-2020-6344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6344"
    },
    {
      "name": "CVE-2020-6318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6318"
    },
    {
      "name": "CVE-2020-6347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6347"
    },
    {
      "name": "CVE-2020-6357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6357"
    },
    {
      "name": "CVE-2020-6346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6346"
    },
    {
      "name": "CVE-2020-6348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6348"
    },
    {
      "name": "CVE-2020-6312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6312"
    },
    {
      "name": "CVE-2020-6356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6356"
    },
    {
      "name": "CVE-2020-6322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6322"
    },
    {
      "name": "CVE-2020-6325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6325"
    },
    {
      "name": "CVE-2020-6354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6354"
    },
    {
      "name": "CVE-2020-6320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6320"
    },
    {
      "name": "CVE-2020-6288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6288"
    },
    {
      "name": "CVE-2020-6333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6333"
    },
    {
      "name": "CVE-2020-6332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6332"
    },
    {
      "name": "CVE-2020-6311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6311"
    },
    {
      "name": "CVE-2020-6340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6340"
    },
    {
      "name": "CVE-2020-6317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6317"
    },
    {
      "name": "CVE-2020-6321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6321"
    },
    {
      "name": "CVE-2020-6355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6355"
    },
    {
      "name": "CVE-2020-6352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6352"
    },
    {
      "name": "CVE-2020-6350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6350"
    },
    {
      "name": "CVE-2020-6326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6326"
    },
    {
      "name": "CVE-2020-6337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6337"
    },
    {
      "name": "CVE-2020-6275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6275"
    },
    {
      "name": "CVE-2020-6302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6302"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2020-6353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6353"
    },
    {
      "name": "CVE-2020-6339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6339"
    },
    {
      "name": "CVE-2020-6330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6330"
    },
    {
      "name": "CVE-2020-6314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6314"
    },
    {
      "name": "CVE-2020-6336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6336"
    },
    {
      "name": "CVE-2020-6313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6313"
    },
    {
      "name": "CVE-2020-6358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6358"
    },
    {
      "name": "CVE-2020-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6345"
    },
    {
      "name": "CVE-2020-6360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6360"
    },
    {
      "name": "CVE-2020-6342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6342"
    },
    {
      "name": "CVE-2020-6331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6331"
    },
    {
      "name": "CVE-2020-6324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6324"
    },
    {
      "name": "CVE-2020-6361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6361"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2020-6327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6327"
    }
  ],
  "initial_release_date": "2020-09-08T00:00:00",
  "last_revision_date": "2020-09-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-549",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-09-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SAP du 08 septembre 2020",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
    }
  ]
}

GSD-2020-6302

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-6302

Aliases

CVE-2020-6302

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-6302",
    "description": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.",
    "id": "GSD-2020-6302"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-6302"
      ],
      "details": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application.",
      "id": "GSD-2020-6302",
      "modified": "2023-12-13T01:21:55.273247Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cna@sap.com",
        "ID": "CVE-2020-6302",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SAP Commerce",
                    "version": {
                      "version_data": [
                        {
                          "version_name": "\u003c",
                          "version_value": "6.7"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "1808"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "1811"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "1905"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2005"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SAP SE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": "6.4",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-384 (Session Fixation)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700",
            "refsource": "MISC",
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
          },
          {
            "name": "https://launchpad.support.sap.com/#/notes/2934451",
            "refsource": "MISC",
            "url": "https://launchpad.support.sap.com/#/notes/2934451"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:commerce:6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:commerce:1808:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:commerce:1811:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:commerce:1905:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:commerce:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2020-6302"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or man in the middle attack and subsequently get access to admin user accounts, leading to Session Fixation and complete compromise of the confidentiality, integrity and availability of the application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://launchpad.support.sap.com/#/notes/2934451",
              "refsource": "MISC",
              "tags": [
                "Permissions Required"
              ],
              "url": "https://launchpad.support.sap.com/#/notes/2934451"
            },
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-09-10T02:12Z",
      "publishedDate": "2020-09-09T13:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-6302 (GCVE-0-2020-6302)

GHSA-M697-R4GM-82F3

CNVD-2020-65569

FKIE_CVE-2020-6302

CERTFR-2020-AVI-549

Solution

GSD-2020-6302

Tags

Sightings

Nomenclature